Remove version information from WordPress header

By default, WordPress installations announce their currently installed version in the header. You will find it within a meta tag of the page’s HTML.

If you do not keep on top of WordPress updates, you can imagine that this presents a security risk. Those wishing to exploit vulnerabilities like the recent XSS vulnerability in WordPress 2.8.1 can target blogs just by looking at the header meta information. The situation gets worse if you are still using an even older version of WordPress.

Getting WordPress to stop advertising this version information requires that you add the following to your theme’s functions.php file. Remember how we removed other header elements? This WordPress hack is similar. Note that you need to do this every time you change your theme.